Luca is now live! Discover in Introduction
This privacy statement describes which personal data we collect from you when you provide us with information and how we process this (personal) data. This privacy statement also contains information about your rights with regard to the processing of your personal data.
The controller
The controller is Blocks Software B.V. and/or an affiliated company of Blocks Software B.V., each of which is a separate and independent legal entity. In this privacy statement, they are collectively referred to as “Blocks Software B.V.” or as “we”, “our” or “us”. This privacy statement applies to each of these companies separately.
The data subjects
We may collect and process personal data from:
- our customers, suppliers, business contacts and potential customers (and/or persons connected to them);
- persons from whom we obtain personal data when providing business services to our customers (e.g. the employees, customers and suppliers of our customers, family members of our customers and employees, contact persons at government authorities, other advisors of the data subject);
- our employees and applicants; and
- the visitors to our website and social media.
What types of personal data do we process from you
Depending on the type of services provided, our legal obligations, our legitimate interests or the specific consent you have given us, we may collect and/or store the following types of personal data:
- basic data such as your name, age, date of birth, your gender, language, your marital status;
- your contact details;
- your professional activities;
- your business and educational details;
- identity data;
- bank, salary, income and tax data, creditworthiness and other financial information;
- personal data that you provide to us in the course of providing services and other personal data that you provide to us.
We primarily do not collect special categories of personal data. These special categories include racial or ethnic data, political opinions, religious or philosophical beliefs, trade union membership, medical data of a physical or mental nature, processing of genetic data, biometric data, data relating to sexual behavior or sexual orientation, and criminal data. If this is the case, specific approval will be requested from the data subject.
How do we collect your personal data
To carry out our assignments and services, we ask you to provide us with certain information, files and/or other types of data. We may collect or obtain personal data because you provide it to us.
In addition, we may collect and obtain this information because others provide this data to us. This may include:
- via our customers about their employees;
- via our customers and other data subjects from whom they collect personal data;
- other advisors of the data subject;
- government authorities, or third-party service providers that we use to perform our business activities.
Finally, we may collect or obtain personal data as a result of your visit and contact requests via our website and through applications on social media or because they are publicly accessible via the Chamber of Commerce and Company.info.
Use of personal data
With the exception of cases in which we process your personal data on the basis of your (explicit and specific) consent, we may process your personal data for the purposes described below because processing is necessary for:
- compliance with our obligations under laws and regulations;
- the execution of our concluded agreement for services in which you have requested us to carry out the activities mentioned therein;
Personal data may be used for the following purposes:
- Analysis, assessment and acceptance of a customer, entering into and executing agreements with a customer;
- Providing business services to our (potential) customers. This may be data of the data subject himself, of the employer of the data subject and/or of a party with whom the data subject enters into an agreement;
- The development and improvement of products and/or services: we process personal data to carry out our business activities, including managing the relationship with our customers, fulfilling our administrative, accounting and business obligations, maintaining, managing and using our IT systems and applications;
- We also collect personal data from our own employees in the context of maintaining the (salary) administration, managing and promoting our business activities;
- Safety, quality and risk management: personal data may be processed for the purpose of protecting our own data and that of our customers, as well as in the context of internal quality and risk assessments;
- Legal obligations: like other business service providers, we are subject to obligations under laws and regulations, as well as professional obligations. We must therefore keep certain data to demonstrate that our services have been provided in accordance with those obligations.
- The protection of our rights and those of our customers.
To whom do we disclose your personal data
From time to time, we will pass on or disclose personal data to third parties for the aforementioned purposes, including but not limited to government authorities, professional organizations and third parties who provide services on our behalf, such as providers of web hosting services, IT suppliers, suppliers of payment services, suppliers of services for customer relationship management.
If we disclose your personal data to third parties who perform services on our behalf, we will ensure that these service providers only use your data in accordance with our instructions and we will not give them permission to use or disclose personal data, unless this is necessary to perform services on our behalf or to comply with the applicable legal obligations.
We do not intend to transfer your personal data outside the EEA, the European Economic Area, i.e. European companies and organizations.
We may disclose your personal data to third parties if we are required to do so by law, a supervisory authority, or for the purpose of or in connection with legal proceedings, or otherwise for the purpose of establishing, exercising or defending our rights.
Rights of the data subject
If we act as controller for your personal data, you can exercise a number of rights with regard to your personal data, including:
- access to the data we have from you;
- request rectification if the data we have is not accurate;
- request to delete your data;
- withdrawal of your provided consent for the processing of your data;
- restriction of the processing of your data;
- object to our processing of your data;
- request to transfer your data to another controller (data portability).
We will ensure that you can exercise your rights as a data subject in accordance with the provisions of the applicable privacy legislation. It is also possible that we cannot comply with your request, for example because the processing of certain personal data is required on the basis of our legal and/or professional obligations or for other reasons (e.g. in connection with legal proceedings). If we are unable to comply with a particular request, we will explain our reasons for this.
To prevent us from disclosing your personal data without permission, we must verify your identity. In case of doubt or ambiguity, we will first ask you for additional information.
Duration of the processing
We will store your personal data in our systems for the longest term of the following terms:
- as long as necessary for the purpose for which the data was collected;
- during the required legal term; or
- until the end of the limitation period within which legal proceedings or investigations can be instituted as a result of our services.
After the applicable retention period(s) has (have) expired, the personal data will be deleted or anonymized.
Data security
We ensure that appropriate technical and organizational measures are taken to protect your personal data against misuse or accidental, unlawful or unauthorized destruction, loss, alteration, disclosure, acquisition, access or similar risks, such as the use of antivirus programs, firewalls, secure servers, backups, encryption software for hard drives, password protection, physical access control, double authentication and intrusion and anomaly detection.
Our employees who have access to your personal data are bound by procedures to ensure the confidentiality of the data. They only get access to your personal data to the extent that they need this information to perform their tasks properly. The persons who can consult your data are also bound by strict professional confidentiality.
When protecting your data, we will use at least the same protection as for our own data.
Cookies
Navigation on our website may result in cookies being sent to your computer. Cookies are small text files that are placed on your computer by the websites you visit.
Changes to privacy statement
This privacy statement applies from December 2025. We adjust this statement periodically based on changes in services and/or legislation in this regard. We therefore recommend that you consult it regularly to ensure that you still agree with our data processing activities.
Questions and complaints?
If you have any questions or complaints regarding this privacy statement or the way we collect and process your personal data, please contact us via info@blocks-software.com. We will respond to your question, request or complaint as soon as possible. Complaints can also be submitted to the privacy supervisor, the Dutch Data Protection Authority.
© Blocks Software B.V. 2025
All rights reserved
Contact details
Blocks Software B.V.
Suikerlaan 23b
9743DA Groningen
Accountants with AI as their extension
Discover how easily you can save time and deliver more quality.
